The Modern, Autonomous Enterprise - Four Essential Network Solutions - Part 2
Apr 5, 2018
In part 1 I described the benefits of Sky Enterprise and our JET and JTI automation interfaces to enabling the modern, autonomous enterprise. Here I cover the second two essential network solutions. As a reminder, the four essential solutions are:
Common architectures for campus, private cloud and public cloud with EVPN and VXLAN
End-to-end security with SDSN
Common Architectures for Campus, Private Cloud and Public Cloud
While enterprise networks continue to evolve, an entire network deployment is seldom upgraded in a single step. In fact, campus core networks are refreshed at a slower rate than access switches or wireless access points. This makes it even more important to look ahead in the future while planning for the next major refresh. We see enterprises breaking away from traditional designs that rely heavily on multi-tier architectures and layer 2 sprawl across the network.
Juniper’s Evolved Campus Core adopted technologies pioneered and perfected in the data center to offer a scalable and open standards-based architecture. Unencumbered by the limits of VLAN scale, MAC database size, stranded capacity or long convergence times, the Evolved Campus Core enables larger networks with support for both layer 2 or layer 3 application traffic. Ethernet VPN, or EVPN, fundamentally enables this technology. EVPN relies on BGP for distributing control plane information and auto-discovery of provider edge (PE) nodes, uses control plane based learning for efficient network utilization, and natively supports active-active multi-homing. EVPN relies on decades of proven techniques from IP/BGP to provide scalability, fast convergence and virtualization. For example, route reflectors and route filtering allow EVPN to achieve scalable virtualized networks using standard-based protocols.
Virtual Extensible Local Area Network (VXLAN) overlay with EVPN allows layer 2 connectivity across the network while providing active-active redundancy, aliasing and mass MAC withdrawal. And when required, the PE switch/router, can also provide a VXLAN layer 3 gateway and route between VXLAN segments. Since the core network is based on standard IP, EVPN-VXLAN allows creating the Evolved Campus Core without the necessity of replacing the rest of core infrastructure.
Enabling an Evolved Campus Core with EVPN provides flexibility when integrating with Junos Fusion, Juniper’s premier Ethernet fabric technology based on the 802.1br standard, as well as other fabric technologies in distribution/access. Ultimately, it paves the way for enabling EVPN across a broader footprint over time. In fact, even small portions of the network can start using EVPN Ethernet Segment Identifier (ESI) LAG to replace traditional, limiting technologies such as xSTP or MC-LAG to connect core devices. Segmentation is natural for EVPN-based architectures and helps create administrative and security zones in the enterprise.
End-to-End Security with SDSN
In the age of mobile and always-connected devices that cross in and out of enterprise network boundary, traditional security measures prove grossly insufficient. Modern enterprises need a comprehensive platform that can detect threats at the source and block infected devices. The Software-Defined Secure Network (SDSN) is Juniper’s holistic cyber security platform that automatically and dynamically detects and responds to threats. With the SDSN framework, the entire network, including physical, virtual, router, switch and firewall, becomes an active participant in detecting and containing threats. SDSN works on a zero trust model for cybersecurity and is able to isolate application or edge devices to stop the spread of infection. This is achieved using an intent-based policy engine that allows enforcement across all network elements including third-party vendor elements.
Juniper Delivers: Engineering. Simplicity.
As a trusted partner to enterprises worldwide, Juniper continues to solve the tough problems faced by the enterprise, making it simple for them to connect securely and reliably to the cloud, ensuring business continuity. We view this as “Engineering. Simplicity.” The needs of enterprises are changing with a rapid increase in the number of connected devices and an evolving threat landscape. Juniper’s enterprise portfolio is the strongest it has ever been, and all with a commitment to open standards. This year we celebrate Juniper’s 10th anniversary in switching, as we continue to rapidly innovate, taking multiple small but bold steps towards a Self-Driving NetworkTM.